CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3111
https://notcve.org/view.php?id=CVE-2017-3111
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances. Se ha descubierto un problema en Adobe Experience Manager 6.3, 6.2, 6.1 y 6.0. Los tokens sensibles se incluyen en peticiones http GET bajo ciertas circunstancias. • http://www.securityfocus.com/bid/101843 http://www.securitytracker.com/id/1039800 https://helpx.adobe.com/security/products/experience-manager/apsb17-41.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3107
https://notcve.org/view.php?id=CVE-2017-3107
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability. Adobe Experience Manager 6.3 y anteriores tiene una vulnerabilidad de error de configuración. • http://www.securityfocus.com/bid/100188 http://www.securitytracker.com/id/1039099 https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2016-6933
https://notcve.org/view.php?id=CVE-2016-6933
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks. Adobe Experience Manager Forms en versión 6.2 y versiones anteriores, LiveCycle 11.0.1, LiveCycle 10.0.4 tienen un problema de validación de entrada en el AACComponent que puede ser utilizado en ataques de XSS. • http://www.securityfocus.com/bid/94867 http://www.securitytracker.com/id/1037465 https://helpx.adobe.com/security/products/aem-forms/apsb16-40.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7883
https://notcve.org/view.php?id=CVE-2016-7883
Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks. Adobe Experience Manager versión 6.2 tiene un problema de validación de entrada en create Launch wizard que podría utilizarse en ataques de XSS. • http://www.securityfocus.com/bid/94869 http://www.securitytracker.com/id/1037464 https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7885
https://notcve.org/view.php?id=CVE-2016-7885
Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks. Adobe Experience Manager versión 6.2 y versiones anteriores tienen una vulnerabilidad que podría ser usada en ataques CSRF. • http://www.securityfocus.com/bid/94876 http://www.securitytracker.com/id/1037464 https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html • CWE-352: Cross-Site Request Forgery (CSRF) •